Abstract

Your brand has multiple products on the web. They all need authentication. But obviously, you’d maintain a common authentication and user database.
Also, in this age, you cannot make a login system without Login with [Facebook|Google|Twitter|...].
For the second thing, you need to consume OAuth 2.0 (the industry standard now); for the first thing, you need to make your own OAuth server. And you want all of this to happen securely (so yeah, little to no frontend JS).

Outline

This talk is nothing but my journey of building oneauth.
Even before we had a tech team, I knew we’d be building at least 2 very disconnected products, but having a common authentication mechanism. My search for a reference took me to HasGeek’s own - Lastuser.
I eventually wrote my own in NodeJS, which uses a lot of open source tools from Auth0 (including the famous Passport.js)

Also, we had a lot of users using an older website with user accounts made there. Our new website seamlessly migrates them when they log in for the first time on the new website.

Our story is that of a typical startup turning half-baked PoCs and MVPs into production-ready websites.
We didn’t verify emails or even have a unique email address column from the beginning. How we can bake those in post facto (without destroying everyone’s accounts) will also feature in my talk.

Speaker bio

Arnav Gupta is the Co-Founder of Coding Blocks, an online + offline software development bootcamp, based out of New Delhi, where he mentors Android and NodeJS students.
He has been tinkering with Android, NodeJS and Electronics since school and has contributed to open source projects like the Android OS (AOSP), Arduino IDE, and FOSSASIA Open Event.
Arnav has been a speaker at many national and international conferences including FOSSASIA, DroidCon India, JsFoo, Fragments, MODS, Devfest Russia and OSDConf.